OSNews: http://www.osnews.com/story/24087/Chrome_Adds_Flash_Sandboxing
Exploring the Future of Computingen-usCopyright 2001-2018, David Adamsadam+nospam@osnews.comThu, 24 May 2018 20:19:23 GMThttp://www.osnews.com/images/osnews.gifOSNews.comhttp://www.osnews.com
Sandboxing is nice...http://www.osnews.com/thread?451856
http://www.osnews.com/thread?451856...but I'd prefer an Internet without having to use Flash, period.

Google didn't exactly make a good example when they decided to include Flash with Chrome by default. Nice way to strengthen Adobe's already ridiculous reach on the Web.

Weakened security of the entire browser right from the start is just a side effect.Wed, 01 Dec 2010 23:21:00 GMTdonotreply@osnews.com (UltraZelda64)CommentsRE: Sandboxing is nice...http://www.osnews.com/thread?451865
http://www.osnews.com/thread?451865Google has no other option. There are no (widespread) alternatives yet for advanced video delivery, like YouTube, that offer features like DRM support and subtitles.Thu, 02 Dec 2010 00:46:00 GMTdonotreply@osnews.com (MoreTea)CommentsRE: Sandboxing is nice...http://www.osnews.com/thread?451868
http://www.osnews.com/thread?451868Its less about politics and more about making a great browser.Thu, 02 Dec 2010 01:03:00 GMTdonotreply@osnews.com (google_ninja)CommentsRE[2]: Sandboxing is nice...http://www.osnews.com/thread?451870
http://www.osnews.com/thread?451870Simply false, in fact, the very site you mention here can be used almost exclusively without Flash at all via http://www.youtube.com/html5Thu, 02 Dec 2010 01:18:00 GMTdonotreply@osnews.com (Lunitik)CommentsI might this in IE &amp; Opera.http://www.osnews.com/thread?451871
http://www.osnews.com/thread?451871I'm a Opera & IE9 user, If sandboxing is really good then I want this features in IE & Opera too Edited 2010-12-02 01:32 UTCThu, 02 Dec 2010 01:31:00 GMTdonotreply@osnews.com (ramasubbu_sk)CommentsRE[3]: Sandboxing is nice...http://www.osnews.com/thread?451873
http://www.osnews.com/thread?451873That's for general video that doesn't require DRM.

Have a look at what their video rental service uses:http://www.youtube.com/storeThu, 02 Dec 2010 01:58:00 GMTdonotreply@osnews.com (nt_jerkface)CommentsWhat about other plugins?http://www.osnews.com/thread?451878
http://www.osnews.com/thread?451878That's good and all, but what about other plugins?Thu, 02 Dec 2010 02:31:00 GMTdonotreply@osnews.com (robojerk)CommentsRE: Sandboxing is nice...http://www.osnews.com/thread?451883
http://www.osnews.com/thread?451883

Google didn't exactly make a good example when they decided to include Flash with Chrome by default. Nice way to strengthen Adobe's already ridiculous reach on the Web.

The underlying motivation is Chrome OS. They want to throw everything into the browser and don't care if it means ensuring the Flash install base stays high.

They had a chance to displace Flash through YouTube but didn't act on it.

But the good news is that Flash at least has competition now.Thu, 02 Dec 2010 03:06:00 GMTdonotreply@osnews.com (nt_jerkface)CommentsRE[2]: Sandboxing is nice...http://www.osnews.com/thread?451888
http://www.osnews.com/thread?451888

Google has no other option. There are no (widespread) alternatives yet for advanced video delivery, like YouTube, that offer features like DRM support and subtitles.

True but there is no reason for it to be all one way or all the other - use Flash and HTML5 in the respective scenarios where it makes sense. I loath Flash but the best one can do is limit its use to where it makes sense instead of abusing it like so many web developers seem to be hell bent on doing.Thu, 02 Dec 2010 03:52:00 GMTdonotreply@osnews.com (kaiwai)CommentsRE[4]: Sandboxing is nice...http://www.osnews.com/thread?451891
http://www.osnews.com/thread?451891

That's for general video that doesn't require DRM.

Video doesn't require DRM. By far the most use of video on the web is for small ads and personal videos.

Ahhhhh ... you are on about something else entirely ... video rentals. You are saying that content providers say that they require DRM (certainly I can't see any content consumers saying they required DRM). Maybe so, but that is an entirely different thing to claiming that "video requires DRM".

Video rental is a tiny market indeed, a very small sub-division of "Internet video".

Solution: use a different, dedicated application to deliver DRM-encumbered on-demand video. Problem solved. Forget browsers, which are after all userland programs designed to render a wide range of material that is freely offered over the Internet for users to view. There should be no anti-user DRM requirement there.Edited 2010-12-02 04:39 UTCThu, 02 Dec 2010 04:31:00 GMTdonotreply@osnews.com (lemur2)CommentsComment by Luminairhttp://www.osnews.com/thread?451894
http://www.osnews.com/thread?451894I object to calling Windows XP archaicThu, 02 Dec 2010 04:53:00 GMTdonotreply@osnews.com (Luminair)CommentsRE: Comment by Luminairhttp://www.osnews.com/thread?451901
http://www.osnews.com/thread?451901You mean...

Video rental is a tiny market indeed, a very small sub-division of "Internet video".

I think that is a growing market and I know that now Netflix streams more video than it distributes DVDs - here in the States anyway.Thu, 02 Dec 2010 05:33:00 GMTdonotreply@osnews.com (Tuishimi)CommentsRE[2]: Comment by Luminairhttp://www.osnews.com/thread?451906
http://www.osnews.com/thread?451906XP is old, not archaic. Feature-wise it still compares well against most alternatives. Yes, there are better systems available now but there are plenty of worse too.

Firefox on XP runs Flash in a separate process. Doesn't it qualify as a form of sandboxing?Thu, 02 Dec 2010 06:08:00 GMTdonotreply@osnews.com (ndrw)CommentsRE[2]: Sandboxing is nice...http://www.osnews.com/thread?451907
http://www.osnews.com/thread?451907

Google has no other option. There are no (widespread) alternatives yet for advanced video delivery, like YouTube, that offer features like DRM support and subtitles.

There are only a handful of sites I am forced to use Flash on--YouTube and a few porn sites (the video sections mostly). And if I played online games regularly (I don't), those too. The rest almost all run fine without it. No one else includes Flash by default, so Google certainly did have a choice--they apparently just figured they'd get a larger number of Chrome users by including it with the browser. How, I don't know--Flash already seems to be preinstalled on almost every computer. In reality, it doesn't seem like it gains them much.Thu, 02 Dec 2010 07:05:00 GMTdonotreply@osnews.com (UltraZelda64)CommentsRE[3]: Comment by Luminairhttp://www.osnews.com/thread?451909
http://www.osnews.com/thread?451909

90% of exploits are using Flash and PDF. Google know this. Google knows that Adobe completely suck and canât get their act together so Google have to protect users from Adobe.

Theyâve bundled Flash into Chrome so that it can be updated every 24 hours instead of 30 days. Theyâve now sandboxed Flash, and theyâre building in a PDF viewer into Chrome so people donât have to download that abomination that is Acrobat.

Google are doing more for the average userâs security here than Microsoft, Adobe and Anti-virus vendors combined. If most exploits are coming through the web browser, and the web browser is locked down enough, then it wonât matter to the majority what OS they are using, even if itâs old and "insecure".Thu, 02 Dec 2010 07:43:00 GMTdonotreply@osnews.com (Kroc)CommentsRE[6]: Sandboxing is nice...http://www.osnews.com/thread?451917
http://www.osnews.com/thread?451917

"Video rental is a tiny market indeed, a very small sub-division of "Internet video".

I think that is a growing market and I know that now Netflix streams more video than it distributes DVDs - here in the States anyway. "

Maybe so, but it still is small enough and distinct enough from the general nature of the web that it could easily be served by a separate application.

It certainly isn't a good enough reason to saddle every browser client with a requirement to support DRM. It serves the interests of only a teeny tiny percentage of people. It isn't the interests of people who run browsers and watch video that is being served by DRM ... in fact their rights are being "managed" (where "managed" is a euphamism for "restricted") on their own machines.

For every billion people:

Those whose interests are "managed" by DRM ~= 10^9
Those whose interests are served by DRM ~= 9.Edited 2010-12-02 07:50 UTCThu, 02 Dec 2010 07:49:00 GMTdonotreply@osnews.com (lemur2)CommentsRE[2]: Sandboxing is nice...http://www.osnews.com/thread?451931
http://www.osnews.com/thread?451931Just because Flash is bundled, doesnât mean you have to ever use it. That is a concious decision made by developers. Bundling Flash is for security reasons only. Adobe cannot be trusted to keep users secure. Their update mechanism is awful and their Flash download website tries to foister crapware on users.

Google didnât invest $120M in On2 for nothing. HTML5 video simply isnât nearly ready enough to wholesale replace Flash. It will when it is good and ready and Google are working on it.Thu, 02 Dec 2010 10:04:00 GMTdonotreply@osnews.com (Kroc)CommentsRE[3]: Sandboxing is nice...http://www.osnews.com/thread?451940
http://www.osnews.com/thread?451940This has been discussed a million times over. Flash, and the display of flash video entails heaps of things more than the simple display of a video file and html5 is NOT a replacement for Flash -- which is not the same as claiming that it cannot display videos.

Stop the nagging, there is no alternative to Flash. Again, that is not the same as saying there is no alternative to watching videos.Thu, 02 Dec 2010 11:15:00 GMTdonotreply@osnews.com (Googol)CommentsSandboxing plugins on Linuxhttp://www.osnews.com/thread?451941
http://www.osnews.com/thread?451941I've been sandboxing plugins on Linux (not just Flash. Mind you, java & friends aren't more secure.) since years.

It's simple, in the past you were using a plugin wrapper, now you can use the integrated plugin wrappers.

They all start a separate process for the plugin.

That process is isolated with your favorite mandatory access control system, be it SELinux, RSBAC, TOMOYO, AppArmor or what not.

It's also most likely a lot more secure than the way Chrome does it, since a bug in Chrome can only affect the initial sandbox startup here.

I actually think that all these sandboxes should be replaced by generic security (SELinux, RSBAC, ..) and work should be make to make them seemless or part of a dev API (eg if it's supported the rules are auto setup by the program/package)Thu, 02 Dec 2010 11:19:00 GMTdonotreply@osnews.com (_xmv)CommentsRE: Sandboxing plugins on Linuxhttp://www.osnews.com/thread?451946
http://www.osnews.com/thread?451946

I actually think that all these sandboxes should be replaced by generic security (SELinux, RSBAC, ..) and work should be make to make them seemless or part of a dev API (eg if it's supported the rules are auto setup by the program/package)

With the diversity of access control systems available, do you envision an API emerging?Thu, 02 Dec 2010 12:13:00 GMTdonotreply@osnews.com (vodoomoth)CommentsRE[5]: Comment by Luminairhttp://www.osnews.com/thread?451947
http://www.osnews.com/thread?451947

Theyâve bundled Flash into Chrome so that it can be updated every 24 hours instead of 30 days.

This has been discussed a million times over. Flash, and the display of flash video entails heaps of things more than the simple display of a video file and html5 is NOT a replacement for Flash -- which is not the same as claiming that it cannot display videos.

Stop the nagging, there is no alternative to Flash. Again, that is not the same as saying there is no alternative to watching videos.

Lightspark is also not Adobe's code, nor is it Google's code. Different code.

So no, Google devs will not fix Adobe's Flash, Google devs will work on the embedded Flash handler which is part of Chrome. Different thing entirely.Edited 2010-12-02 12:24 UTCThu, 02 Dec 2010 12:23:00 GMTdonotreply@osnews.com (lemur2)CommentsComment by jabbottshttp://www.osnews.com/thread?451954
http://www.osnews.com/thread?451954"After pioneering sandboxing of Javascript and tabs in the browser, Chrome is now finally busy moving Flash into a sandbox."

I believe Adobe allows all of their Open Screen Project partners access to their Flash Player code.Thu, 02 Dec 2010 13:54:00 GMTdonotreply@osnews.com (RichterKuato)CommentsRE: Sandboxing plugins on Linuxhttp://www.osnews.com/thread?451962
http://www.osnews.com/thread?451962It's not that kind of sandboxing. They aren't just putting Flash into it's own process here. They are sandboxing the instances of Flash into separate processes. So in theory if one Flash object crashes the other instances is still remain.

This is what they wanted to do when they from the start (when they first showed off sandboxing) but couldn't. Partly because they didn't have access to Adobe's code before.Thu, 02 Dec 2010 14:01:00 GMTdonotreply@osnews.com (RichterKuato)CommentsRE[3]: Sandboxing is nice...http://www.osnews.com/thread?451963
http://www.osnews.com/thread?451963

Just because Flash is bundled, doesnât mean you have to ever use it.

It still advertises to every site that it is installed, adding a +1 to the count of visitors who have Flash--whether you ever really want to use it or not. Who says they want to help Adobe out in this way, inflating their already-high numbers?

Bundling Flash is for security reasons only. Adobe cannot be trusted to keep users secure. Their update mechanism is awful and their Flash download website tries to foister crapware on users.

Did I just read that right? That Google is trying to "keep users secure" by preinstalling one of the most insecure plugins on the face of the planet? If anything, it should be *left out* for security reasons. And strictly recommended *against* installing for safety.Edited 2010-12-02 14:13 UTCThu, 02 Dec 2010 14:12:00 GMTdonotreply@osnews.com (UltraZelda64)CommentsRE: Comment by jabbottshttp://www.osnews.com/thread?451964
http://www.osnews.com/thread?451964Every tab in chrome runs in its own process. This is why one tab can't cause the entire browser to crash.Thu, 02 Dec 2010 14:16:00 GMTdonotreply@osnews.com (kittynipples)CommentsRE[7]: Sandboxing is nice...http://www.osnews.com/thread?451965
http://www.osnews.com/thread?451965O.K. I see what you are saying... I misunderstood your angle.Thu, 02 Dec 2010 14:30:00 GMTdonotreply@osnews.com (Tuishimi)Commentsyay sandboxing! maybehttp://www.osnews.com/thread?451968
http://www.osnews.com/thread?451968I haven't tested it, but I wonder if it handles it better than firefox. I noticed the other day that when I'm playing a flash game (you can pry my tower defense games from my cold dead fingers) in a tab and I decide to tear the tab off into its own window, it reloads the flash file in the new tab. REEAAALLLY annoying when I'm on level 15 and about to take on the boss ;PThu, 02 Dec 2010 15:03:00 GMTdonotreply@osnews.com (helf)CommentsRE[2]: Comment by jabbottshttp://www.osnews.com/thread?451969
http://www.osnews.com/thread?451969except it can. I've had chrome flake out on a tab plenty of times taking the entire app down with it. It also makes it use up an extraordinary amount of ram.Thu, 02 Dec 2010 15:04:00 GMTdonotreply@osnews.com (helf)CommentsRE[5]: Sandboxing is nice...http://www.osnews.com/thread?451970
http://www.osnews.com/thread?451970I would not call video rental a tiny market. It's a fast growing market that is already fairly large and there was just a report out stating that just Netflix used up 20% of Americas bandwidth - http://www.zdnet.com/blog/networking/the-internet-belongs-to-netfli...

That is massive.

Course, flash really isn't necessary for Netflix, I don't think. I use a Roku box for my Netflix fix I'm not sure what it is using to stream it.Thu, 02 Dec 2010 15:11:00 GMTdonotreply@osnews.com (helf)CommentsRE[6]: Comment by Luminairhttp://www.osnews.com/thread?451971
http://www.osnews.com/thread?451971No, but when there is a fix from Adobe, Google can push the update out to users within 24 hours, rather tan users having to wait 30 days for the Flash update prompt, which they then immediately dismiss.Thu, 02 Dec 2010 15:15:00 GMTdonotreply@osnews.com (Kroc)CommentsRE[7]: Comment by Luminairhttp://www.osnews.com/thread?451972
http://www.osnews.com/thread?451972OK. My interpretation of the article as written was that there was some kind of partnership between Adobe and Google while in fact, this is not different from Chrome implementing CSS or JS: it's just an implementation of a specification.

Just because Flash is bundled, doesnât mean you have to ever use it. That is a concious decision made by developers. Bundling Flash is for security reasons only.

They could sandbox it without bundling it.

As UZ64 already pointed it out this isn't about choosing to use it, the problem is that it boosts the Flash install base even if the user doesn't need it.

If Google was actually concerned with user security then they would have removed Flash from YouTube after purchasing it. They go well beyond just using it for videos, have a look at the giant Flash ad that they have on the home page:http://www.youtube.com/

And don't tell me about Adobe and security. I'm the one who pointed out that a recent buffer overrun of theirs involved the textbook example of strcat(). You cannot read a book about buffer overruns without reading about strcat() and strcpy().

Google is not concerned with security. They after all got hacked by using IE6 internally. That is completely inexcusable given the nature of their business.Thu, 02 Dec 2010 15:24:00 GMTdonotreply@osnews.com (nt_jerkface)CommentsRE[5]: Comment by Luminairhttp://www.osnews.com/thread?451976
http://www.osnews.com/thread?451976

ASLR, UAC and having a basic scanner installed by default makes life much harder for malware writers. That's a fact.

Google are doing more for the average userâs security here than Microsoft, Adobe and Anti-virus vendors combined.

That's funny. What do you think has kept the Flash install base so high? Crappy Flash ads? Before Hulu got popular everyone was installing Flash exclusively for YouTube. Apple is the only company that has drawn a line with Flash, albeit for disingenuous reasons. Google is concerned with getting as many eyeballs as possible to see their ads, not security. There are small companies on thin budgets that tell IE6 users to F the hell off. What does billions in the bank Google do with them? Pussyfoots around and only shows Chrome ads to them on YouTube.

If most exploits are coming through the web browser, and the web browser is locked down enough, then it wonât matter to the majority what OS they are using, even if itâs old and "insecure".

Windows7/Vista provide an additional line of defense. That recent Firefox drive-by attack at the Nobel website was only looking for XP users since the attack would trigger UAC in Windows7/Vista.

XP is an unneeded security risk. Its use should be absolutely discouraged.Thu, 02 Dec 2010 16:01:00 GMTdonotreply@osnews.com (nt_jerkface)CommentsRE: yay sandboxing! maybehttp://www.osnews.com/thread?451977
http://www.osnews.com/thread?451977I really don't see how anyone can play Flash games without wanting to chuck the computer across the room. Blinky ads, kludgey controls, ugh.

But on a positive note you should check out the South Park tower defense game on Xbox live. It's one of the best I have ever played.Thu, 02 Dec 2010 16:07:00 GMTdonotreply@osnews.com (nt_jerkface)CommentsWhat about accessibility?http://www.osnews.com/thread?451979
http://www.osnews.com/thread?451979It's nice that they care about security but when are they going to fix accessibility? That's the biggest problem with flash right now in my opinion. Webkit has a lot of accessibility issues as well BTW. They don't seem to care about it.Thu, 02 Dec 2010 16:24:00 GMTdonotreply@osnews.com (spiderman)CommentsRE[5]: Sandboxing is nice...http://www.osnews.com/thread?451985
http://www.osnews.com/thread?451985Video rental is a tiny market indeed, a very small sub-division of "Internet video".

The Netflix stream is 21% of peak hour Internet download traffic in North America.

The Netflix client is built into your HDTV, video game console, Blu-Ray player, home theater receiver...

If people are creating seperate applications, instead of using general web technologies, then possible some things will not work on the Linux based Google Chrome OS or TV.Thu, 02 Dec 2010 17:24:00 GMTdonotreply@osnews.com (Lennie)CommentsRE[3]: Sandboxing is nice...http://www.osnews.com/thread?451987
http://www.osnews.com/thread?451987I think they wanted to do the process seperation for Flash, this maybe required a special build of flash. So it is better to just include it.Thu, 02 Dec 2010 17:28:00 GMTdonotreply@osnews.com (Lennie)CommentsRE[4]: Sandboxing is nice...http://www.osnews.com/thread?451988
http://www.osnews.com/thread?451988They are bundling it, so that Chrome updates also update Flash and they are now adding Sandboxing/process seperation.

I think that is an improvement over using the one that is already installed.Thu, 02 Dec 2010 17:30:00 GMTdonotreply@osnews.com (Lennie)CommentsRE[7]: Sandboxing is nice...http://www.osnews.com/thread?451989
http://www.osnews.com/thread?451989You obviously haven't Heard of the BBC iPlayer.

Shows after been shown on the BBC are usually available for 1 week or until the next show comes out (whichever is longer usually). Some stuff that is one off and not expected to sell well is available for sometime.

Pretty Big think in the UK ... and BBC will want to keep the DRM so that they can recoup the cash with Sales of BBC Series on DVD or Blu-ray. Which tbh is fair enough.

I don't expect that the BBC will be going to HTML5 ever.

The BBC does not show any commercials in the uk (not sure about other countries if they broadcast there) ... so it is impossible for them recoup their investment from advertising.Edited 2010-12-02 17:44 UTCThu, 02 Dec 2010 17:44:00 GMTdonotreply@osnews.com (lucas_maximus)CommentsRE[6]: Comment by Luminairhttp://www.osnews.com/thread?451990
http://www.osnews.com/thread?451990As a non-windows user and webdeveloper, I just want Windows XP (and old IE-versions) to go away.

Windows XP is the last barrier which prevents us from using SSL/TLS (https) easily everywhere. This is because IE and Safari on Windows XP use the windows library for talking to https-websites/-servers and it does not support name-based virtual hosting for https-websites.

So a server has to be configured with extra IP-addresses, etc.Thu, 02 Dec 2010 17:57:00 GMTdonotreply@osnews.com (Lennie)CommentsSanboxing in MSEhttp://www.osnews.com/thread?451991
http://www.osnews.com/thread?451991I would really like Sandboxing to become a feature of MSE or maybe even windows itself.
Windows can be secure as hell but for other software we install on it.

Let's just hope Microsoft donât get sued if MSE gets to many bells and whistles:-(

Kaspersky Internet Security for example (And maybe other AV companies as well) list all your application, from where you can sandbox them or give them varying amounts of networking privileges.

Kaspersky also do a vulnerability scan and compile a list of applications that is unpatched or insecure.

With MSE you can use Secunia's free home edition to do this job, but it would have been nice in MSE as well.Edited 2010-12-02 18:22 UTCThu, 02 Dec 2010 18:19:00 GMTdonotreply@osnews.com (fran)CommentsRE[2]: Comment by jabbotts - tabshttp://www.osnews.com/thread?451992
http://www.osnews.com/thread?451992That would make sense. Chrome was the first to separate each tab into a separate system process. (ugly as sin in the task manager but if it works ...)

I've had a similar experience with Chrome on Windows. The system was so unresponsive it hadn't even displayed the task manager after 25 minutes of waiting. Not quite a full OS crash, but there's little practical difference when the system's rendered unusable without a restart. Definitely puts me off using the browser.

Seriously? On Windows I find the latest FF4 beta so sluggish that it sometimes gives me flashbacks to browsing with Netscape 2 on a 386. After I've been using it for a while I can often count to 3 after clicking a tab before it displays.Thu, 02 Dec 2010 19:31:00 GMTdonotreply@osnews.com (Dave_K)CommentsRE[3]: Comment by jabbottshttp://www.osnews.com/thread?452006
http://www.osnews.com/thread?452006Your whole system crashes? Wow.

Not using Chrome may solve your problem, but you've still got a problem in there, somewhere.

It could be the hardware. Chrome might be revealing a defective RAM stick or there's a bug in the video drivers or the kernel.

If a web browser can crash your entire system, it really isn't the browser's fault.

Just sayin.Thu, 02 Dec 2010 19:33:00 GMTdonotreply@osnews.com (zlynx)CommentsRE[2]: yay sandboxing! maybehttp://www.osnews.com/thread?452007
http://www.osnews.com/thread?452007I never understood how anyone can play tower defense games with those crap console controllers.

I can place six items with my G9X mouse before I can get just one into place with those analog sticks.

Not using Chrome may solve your problem, but you've still got a problem in there, somewhere.

It could be the hardware. Chrome might be revealing a defective RAM stick or there's a bug in the video drivers or the kernel.

I know. Yet, I run pretty hard core stuff on it (windows xp on vmware) and yet chrome is the only thing that crashes it. And it does this pretty systematically.

It may be ram, bad computer model (Dell Precision M2400) or something, but not using Chrome is easier than getting the hardware debugged.Thu, 02 Dec 2010 19:59:00 GMTdonotreply@osnews.com (vivainio)CommentsRE[6]: Comment by Luminairhttp://www.osnews.com/thread?452013
http://www.osnews.com/thread?452013âtrigger UACâ¦â

You obviously haven't Heard of the BBC iPlayer. Shows after been shown on the BBC are usually available for 1 week or until the next show comes out (whichever is longer usually). Some stuff that is one off and not expected to sell well is available for sometime. Pretty Big think in the UK ... and BBC will want to keep the DRM so that they can recoup the cash with Sales of BBC Series on DVD or Blu-ray. Which tbh is fair enough. I don't expect that the BBC will be going to HTML5 ever. The BBC does not show any commercials in the uk (not sure about other countries if they broadcast there) ... so it is impossible for them recoup their investment from advertising.

I have heard of the BBC iPlayer ... nothing but controversy. A huge headache, because it was a publicly funded program that was not offered to all of the public ... it started as being Windows only.

The BBC would have been far better off to have written iPlayer as a separate, cross-platfrom application. Perhaps they could have used java or a cross-platform framework such as Qt (just like VLC is cross-platform multimedia player based on Qt). They could have made the iPlayer available to everyone in the UK who had Internet connection. They didn't. Huge problem for a public-funded organisation. The BBC can't legally take everyone's money (via paying TV licenses) and then offer their service only to a subset of people. Not on.

Likewise, the very concept of DRM requires that the client-side code is closed-source. The only viable way to deliver that to all clients is via a separate, closed-source application.

Now, companies for the most part don't have the same requirement that the BBC must operate under. Companies aren't publicly-funded, and so they can legally provide a service to only a sub-set of people. The thing is, doing that only restricts their possible market. So even companies are better served by writing a separate, cross-platform, closed-source free application for their customers to use to rent & play their videos. The more people they cover with their application, the wider the market they can sell their service to.

Seriously? On Windows I find the latest FF4 beta so sluggish that it sometimes gives me flashbacks to browsing with Netscape 2 on a 386. After I've been using it for a while I can often count to 3 after clicking a tab before it displays.

Seriously?

Firefox 4 beta 7 is the fastest and most feature-full browser of all on most systems. You must be doing it wrong, somehow.Thu, 02 Dec 2010 22:06:00 GMTdonotreply@osnews.com (lemur2)CommentsRE[7]: Comment by Luminairhttp://www.osnews.com/thread?452031
http://www.osnews.com/thread?452031Sure but it makes it a lot harder to hide a drive-by attack when it flags UAC. That Nobel website attack was looking at user agent strings to avoid 7 and Vista users.Fri, 03 Dec 2010 00:56:00 GMTdonotreply@osnews.com (nt_jerkface)CommentsRE[5]: Comment by jabbottshttp://www.osnews.com/thread?452036
http://www.osnews.com/thread?452036

Firefox 4 beta 7 is the fastest and most feature-full browser of all on most systems. You must be doing it wrong, somehow.

It's hardly a "feature-full" browser compared with Opera... Maybe after a dozen different extensions have been installed to add a sidebar, mouse gestures, tab tiling, etc.

I'm open to the possibility that something has gone wrong with my clean install of FF4b7, but Opera and Chrome run just fine on the same PC.Fri, 03 Dec 2010 01:36:00 GMTdonotreply@osnews.com (Dave_K)CommentsRE[9]: Sandboxing is nice...http://www.osnews.com/thread?452058
http://www.osnews.com/thread?452058

I have heard of the BBC iPlayer ... nothing but controversy. A huge headache, because it was a publicly funded program that was not offered to all of the public ... it started as being Windows only.

Yes originally, however there were software development management problems which hampered the iPlayer originally. Now it is available any desktop OS that supports flash, so Windows, MacOSX and Linux ... and it is available on quite a few mobile devices such as iPhone and iPad.

The BBC would have been far better off to have written iPlayer as a separate, cross-platfrom application. Perhaps they could have used java or a cross-platform framework such as Qt (just like VLC is cross-platform multimedia player based on Qt). They could have made the iPlayer available to everyone in the UK who had Internet connection. They didn't. Huge problem for a public-funded organisation. The BBC can't legally take everyone's money (via paying TV licenses) and then offer their service only to a subset of people. Not on.

How so? ... the flash based solution covers 99.9% of their audience, so it is cross platform as much as it matters. If you referring when it was originally released (some years ago now) then I would agree. But that isn't the case now.

Likewise, the very concept of DRM requires that the client-side code is closed-source. The only viable way to deliver that to all clients is via a separate, closed-source application.

Now, companies for the most part don't have the same requirement that the BBC must operate under. Companies aren't publicly-funded, and so they can legally provide a service to only a sub-set of people. The thing is, doing that only restricts their possible market. So even companies are better served by writing a separate, cross-platform, closed-source free application for their customers to use to rent &amp; play their videos. The more people they cover with their application, the wider the market they can sell their service to.

Everyone wins.

Again serving flash content covers 99% of all desktop users and many mobile users as well. Most people have it installed.

If I were making a decision on how to serve content that needs DRM I would choose Flash, because pragmatically that is the best solution that requires the least amount of development time, rather than spending a lot of development time and money writing a cross platform app.Fri, 03 Dec 2010 10:06:00 GMTdonotreply@osnews.com (lucas_maximus)CommentsRE: Sanboxing in MSEhttp://www.osnews.com/thread?452062
http://www.osnews.com/thread?452062Update
After my post I searched if Sandboxing is a Windows feature.
Microsoft 7 Ultimate have an Sandboxing application in the form of "AppLocker"

but if they happen to use any sort of antivirus-firewall-HIPS sort of software, and keep everything up to date, xp is A-OKAYFri, 03 Dec 2010 11:45:00 GMTdonotreply@osnews.com (Luminair)CommentsRE[7]: Comment by Luminairhttp://www.osnews.com/thread?452067
http://www.osnews.com/thread?452067it works fine if people are using firefox or chrome though, right? they should be using these with windows 7 too, so I don't blame ie shit bleed on xp, I blame it on ieFri, 03 Dec 2010 11:46:00 GMTdonotreply@osnews.com (Luminair)CommentsRE[4]: Comment by Luminairhttp://www.osnews.com/thread?452124
http://www.osnews.com/thread?452124How about having more than just one mod counter, then? Eg., one for the "agree/disagree", one for presentation, one for information content, humor etc.

The way it is now (everything mixed together), it is more a popularity contest than anything else. Even I can produce a comment that will earn +5 or more but it is simply no fun to write something obvious that everyone agrees with.Sat, 04 Dec 2010 01:18:00 GMTdonotreply@osnews.com (ndrw)CommentsRE[5]: Comment by Luminairhttp://www.osnews.com/thread?452136
http://www.osnews.com/thread?452136it's not a simple problem to solve, that is for sureSat, 04 Dec 2010 03:41:00 GMTdonotreply@osnews.com (Luminair)CommentsRE[2]: Comment by jabbottshttp://www.osnews.com/thread?452163
http://www.osnews.com/thread?452163

Every tab in chrome runs in its own process. This is why one tab can't cause the entire browser to crash.

This myth needs to die.

1. Child tabs pointing to the same domain as the parent will reuse its parent tab's process. If one tab crashes, it takes the whole family with it.

2. Chrome has right now an upper limit on how many content processes it will spawn (around 35-40 last I checked). After that it will start distributing new domains to existing content processes.

3. I've had dead tabs crash the whole of Chrome since a couple of versions on two different operating systems. Symptoms: A tab is apparently loading but you can't switch to it. If you close the tab, Chrome goes the way of the dodo.Edited 2010-12-04 14:48 UTCSat, 04 Dec 2010 14:46:00 GMTdonotreply@osnews.com (Erunno)CommentsJust relaxhttp://www.osnews.com/thread?452190
http://www.osnews.com/thread?452190Flash will go away eventually. Google knows it and even Adobe knows it. But it will take time and Flash is still something that almost everyone will install either way, so why not try to make it as secure as possible?

I'm with Google on this one as I don't think not including flash with Chrome would make any difference. And if they banned flash completely then no one would use the browser, because it's just a browser, not a shiny cool iDevice.

Adobe has been preparing for flash to lose foothold for quite some time now. In fact with CS5 they have shown that they have serious intentions on becoming the leading HTML5 authoring tool developer.
That's where they make the money anyway.Sun, 05 Dec 2010 00:46:00 GMTdonotreply@osnews.com (rain)CommentsRE[3]: yay sandboxing! maybehttp://www.osnews.com/thread?452196
http://www.osnews.com/thread?452196Ah pc gaming elitism, my friend is still going through that stage.

Maybe you should try the game before trashing it. It isn't a point-n-click game converted to the console. It's designed around the controller and far more challenging than any of the recent pc tower defense games.Edited 2010-12-05 02:44 UTCSun, 05 Dec 2010 02:43:00 GMTdonotreply@osnews.com (nt_jerkface)CommentsRE[4]: Comment by jabbotts - if a web browserhttp://www.osnews.com/thread?452352
http://www.osnews.com/thread?452352"If a web browser can crash your entire system, it really isn't the browser's fault. " ... unless it's IE.